QwikSec

Security Database

CVE

CWE

Training

CVE-2025-58450

Published: Sep 8, 2025

Modified: Sep 9, 2025

PUBLISHED

Description

pREST (PostgreSQL REST), is an API that delivers an application on top of a Postgres database. SQL injection is possible in versions prior to 2.0.0-rc3. The validation present in versions prior to 2.0.0-rc3 does not provide adequate protection from injection attempts. Version 2.0.0-rc3 contains a patch to mitigate such attempts.

Vendor	Product	Versions
prest	prest	affected `< 2.0.0-rc3`

Weaknesses (CWE)

References

https://github.com/prest/prest/security/advisories/GHSA-p46v-f2x8-qp98

x_refsource_CONFIRM

https://github.com/prest/prest/commit/47d02b87842900f77d76fc694d9aa7e983b0711c

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.